The Orca Security Team, Author at Orca Security

Unlocking Kubernetes Security: Insights from Our Session at SANS Kubernetes & CNAPP Forum

Container and Kubernetes

Unlocking Kubernetes Security: Insights from Our Session at SANS Kubernetes & CNAPP Forum

In the intricate world of cloud-native technologies, Kubernetes stands as a formidable force, reshaping the way applications are managed and...

The Orca Security Team

Feb 25, 2026

Kafka cluster is using an unsupported Kafka version

Kafka cluster is using an unsupported Kafka version

Kafka cluster {AwsKafkaCluster} is using Kafka version 2.4.1. This version contains bugs and is not supported by AWS MSK

The Orca Security Team

Jun 06, 2023

Ensure that registry certificate file permissions are set to 444 or more restrictively (Automated)

Ensure that registry certificate file permissions are set to 444 or more restrictively (Automated)

You should verify that all the registry certificate files (usually found under /etc/docker/certs.d/ directory) have permissions of 444 or are...

The Orca Security Team

Jun 06, 2023

Ensure that TLS CA certificate file ownership is set to root:root (Automated)

Ensure that TLS CA certificate file ownership is set to root:root (Automated)

You should verify that the TLS CA certificate file (the file that is passed along with the -- tlscacert parameter)...

The Orca Security Team

Jun 06, 2023

Ensure that Docker server certificate file ownership is set to root:root (Automated)

Ensure that Docker server certificate file ownership is set to root:root (Automated)

You should verify that the Docker server certificate file (the file that is passed along with the --tlscert parameter) is...

The Orca Security Team

Jun 06, 2023

Ensure that the Docker server certificate file permissions are set to 444 or more restrictively (Automated)

Ensure that the Docker server certificate file permissions are set to 444 or more restrictively (Automated)

You should verify that the Docker server certificate file (the file that is passed along with the --tlscert parameter) has...

The Orca Security Team

Jun 06, 2023

Ensure that daemon.json file permissions are set to 644 or more restrictive (Automated)

Ensure that daemon.json file permissions are set to 644 or more restrictive (Automated)

You should verify that if the daemon.json is present its file permissions are correctly set to 644 or more restrictively.

The Orca Security Team

Jun 06, 2023

Ensure that the /etc/sysconfig/docker file ownership is set to root:root (Automated)

Ensure that the /etc/sysconfig/docker file ownership is set to root:root (Automated)

You should verify that the /etc/sysconfig/docker file individual ownership and group ownership is correctly set to root.

The Orca Security Team

Jun 06, 2023

Ensure network traffic is restricted between containers on the default bridge (Automated)

Ensure network traffic is restricted between containers on the default bridge (Automated)

By default, all network traffic is allowed between containers on the same host on the default network bridge.

The Orca Security Team

Jun 06, 2023

All articles by The Orca Security Team

Unlocking Kubernetes Security: Insights from Our Session at SANS Kubernetes & CNAPP Forum

Kafka cluster is using an unsupported Kafka version

Ensure that registry certificate file permissions are set to 444 or more restrictively (Automated)

Ensure that TLS CA certificate file ownership is set to root:root (Automated)

Ensure that Docker server certificate file ownership is set to root:root (Automated)

Ensure that the Docker server certificate file permissions are set to 444 or more restrictively (Automated)

Ensure that daemon.json file permissions are set to 644 or more restrictive (Automated)

Ensure that the /etc/sysconfig/docker file ownership is set to root:root (Automated)

Ensure network traffic is restricted between containers on the default bridge (Automated)

See Orca Security in Action

See Orca Security in Action

Cloud Security Platform

Technology Ecosystem

By Solution

By Industry

Comparisons